major DNS hiccup



This was all working fine until this afternoon - when I did nothing and it just decided to malfunction.

Running 6.1, with named, which also acts as master for a private TLD behind a firewall. Configuration files untouched for a year or more, been working fine since the upgrade to 6.1 a month or two back.

Today, I suddenly found that DNS responses from the net often look wrong. Using ethereal, I see that returned DNS answer packets often come back with success, but no result records, which isn't good news. Sometimes ethereal flags a 'format error', whatever that is; such packets still have no results, and also no question either. The private TLD works fine - it's only stuff from the net that's affected, but /not/ everything.

sockstat reports named is running with port 53 open on various addresses. I've restarted named and even rebooted to no avail.

If I remove 127.0.0.1 from resolv.conf, and replace with my ISP's name servers, DNS from the net at large works just fine (although obviously my private TLD now fails).

On the off chance the problem was the NIC to the cable modem, I've changed that; no joy though. Anyway, if there were a bad fault there, I'd expect to see other problems as well.

This one seems to fall heavily into the "can't happen" category, and I'm stuck for ideas: would /very/ much appreciate pointers about where to look.

Thanks in advance.

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)